<?php
	include("../include/db.inc");

	//print_r($_POST);
	$login = $_POST["login"];
	$pass = $_POST["pass"];

	$db = new db_Connection();
	$db->Connect();

	$sql = "SELECT * FROM User WHERE username='$login' AND password='$pass'";	
	$result = mysql_query($sql) or die('Query failed: ' . mysql_error());
	if(!$line = mysql_fetch_array($result, MYSQL_ASSOC))
	{
		header('Location: ../login.php');
		exit();
	}

	session_start();
	$_SESSION["logged"] = true;
	$_SESSION["username"] = $line["username"];
	$_SESSION["passkey"] = $line["passkey"];
	$_SESSION["name"] = $line["name"];
	$_SESSION["email"] = $line["email"];
	
	
	header("Location: ../index.php");
?>